Within a regular security audit, we encountered a security issue where specially crafted parameters can lead to unauthorized administrative access to the shop backend. All OXID eShop editions version 4 are affected.